<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
        <title>Login</title>
        <script language="javascript">
            function form1_validation() {
                var error_msg = "";
                if (form1.txtUserName.value == "")
                    error_msg += "* User name is mandatory\n";
                if (form1.txtPassword.value == "")
                    error_msg += "* Password is mandatory\n";
                if (error_msg != "") {
                    alert("Please fix the following errors:\n" + error_msg);
                    return false;
                }
                return true;
            }
        </script>
    </head>
    <?php
    $submit = $_REQUEST["btnLogin"];
    if (!empty($submit)) {
        //get info
        $user_name = $_REQUEST["txtUserName"];
        $password = md5($_REQUEST["txtPassword"]);

        //connect database
        include "ConnectDb.php";

        // check user name and password
        $query = "SELECT user_name, password, full_name, email, user_id FROM users "
                . "WHERE user_name = '$user_name' AND password = '$password'";
        $result = mysql_query($query, $mysql);
        $row = mysql_fetch_row($result);

        if (empty($row)) {
            $notice = "Account invalid";
        } else {
            session_start();
            $_SESSION["user_name"] = $row[0];
            $_SESSION["full_name"] = $row[2];
            $_SESSION["email"] = $row[3];
            $_SESSION["user_id"] = $row[4];
            header("Location: Index.php");
        }
    }
    ?>
    <body>
        <a href="register.php">Register</a> | <a href="login.php">Login</a>
        <hr />
        <form name="form1" action="" onSubmit="return form1_validation()">
            User name: <input type="text" name="txtUserName" /><br />
            Password: <input type="password" name="txtPassword" /><br />
            <input type="submit" value="Login" name="btnLogin" />
            <h1><?php echo $notice; ?></h1>
        </form>
    </body>
</html>




